Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73c8c340 by security tracker role at 2026-02-19T08:13:59+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2026-2711 (A vulnerability has been found in
zhutoutoutousan worldquant-mine
CVE-2026-2709 (A flaw has been found in busy up to 2.5.5. The affected element
is an ...)
TODO: check
CVE-2026-2706 (A flaw has been found in code-projects Patient Record
Management Syste ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-2705 (A vulnerability was detected in Open Babel up to 3.1.1. The
impacted e ...)
TODO: check
CVE-2026-2704 (A security vulnerability has been detected in Open Babel up to
3.1.1. ...)
@@ -21,11 +21,11 @@ CVE-2026-2693 (A vulnerability was determined in CoCoTeaNet
CyreneAdmin up to 1.
CVE-2026-2692 (A vulnerability was found in CoCoTeaNet CyreneAdmin up to
1.3.0. This ...)
TODO: check
CVE-2026-2691 (A vulnerability has been found in itsourcecode Event Management
System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2690 (A flaw has been found in itsourcecode Event Management System
1.0. Aff ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2689 (A vulnerability was detected in itsourcecode Event Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-2686 (A security vulnerability has been detected in SECCN Dingcheng
G10 3.1. ...)
TODO: check
CVE-2026-2684 (A vulnerability was determined in Tsinghua Unigroup Electronic
Archive ...)
@@ -39,7 +39,7 @@ CVE-2026-2676 (A weakness has been identified in GoogTech
sms-ssm up to e8534c76
CVE-2026-2672 (A security flaw has been discovered in Tsinghua Unigroup
Electronic Ar ...)
TODO: check
CVE-2026-2670 (A vulnerability was identified in Advantech WISE-6610
1.2.1_20251110. ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2026-2669 (A vulnerability was determined in Rongzhitong Visual Integrated
Comman ...)
TODO: check
CVE-2026-2668 (A vulnerability was found in Rongzhitong Visual Integrated
Command and ...)
@@ -51,13 +51,13 @@ CVE-2026-2666 (A flaw has been found in mingSoft MCMS
6.1.1. The affected elemen
CVE-2026-2665 (A vulnerability was detected in huanzi-qch base-admin up to
57a8126bb3 ...)
TODO: check
CVE-2026-2504 (The Dealia \u2013 Request a quote plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2502 (The xmlrpc attacks blocker plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2284 (The News Element Elementor Blog Magazine plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-2282 (The Slidorion plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-27182 (Saturn Remote Mouse Server contains a command injection
vulnerability ...)
TODO: check
CVE-2026-27181 (MajorDoMo (aka Major Domestic Module) allows unauthenticated
arbitrary ...)
@@ -113,47 +113,47 @@ CVE-2026-24743 (InvoicePlane is a self-hosted open source
application for managi
CVE-2026-24126 (Weblate is a web based localization tool. Prior to 5.16.0, the
SSH man ...)
TODO: check
CVE-2026-1999 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-1994 (The s2Member plugin for WordPress is vulnerable to privilege
escalatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1646 (The Advance Block Extend plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1455 (The Whatsiplus Scheduled Notification for Woocommerce plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1405 (The Slider Future plugin for WordPress is vulnerable to
arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1373 (The Easy Author Image plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1355 (A Missing Authorization vulnerability was identified in GitHub
Enterpr ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-1055 (The TalkJS plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1047 (The salavat counter Plugin plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1044 (The Tennis Court Bookings plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1043 (The PostmarkApp Email Integrator plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0974 (The Orderable \u2013 WordPress Restaurant Online Ordering
System and F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0926 (The Prodigy Commerce plugin for WordPress is vulnerable to
Local File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0912 (The Toret Manager plugin for WordPress is vulnerable to
unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0722 (The Shield Security plugin for WordPress is vulnerable to
Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0573 (An URL redirection vulnerability was identified in GitHub
Enterprise S ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2026-0561 (The Shield Security plugin for WordPress is vulnerable to
Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0556 (The XO Event Calendar plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0549 (The Groups plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4960 (The com.epson.InstallNavi.helper tool, deployed with the EPSON
printer ...)
TODO: check
CVE-2025-4521 (The IDonate \u2013 Blood Donation, Request And Donor Management
System ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15586 (OGP-Website installs prior git commit
52f865a4fba763594453068acf8fa9e3 ...)
TODO: check
CVE-2025-15585 (Fileflows versions before 25.05.2 are affected by an
authenticated SQL ...)
@@ -161,105 +161,105 @@ CVE-2025-15585 (Fileflows versions before 25.05.2 are
affected by an authenticat
CVE-2025-15581 (Orthanc versions before 1.12.10 are affected by an
authorisation logic ...)
TODO: check
CVE-2025-15041 (The BackWPup \u2013 WordPress Backup & Restore Plugin plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14983 (The Advanced Custom Fields: Font Awesome Field plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14864 (The Virusdie - One-click website security plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14851 (The YaMaps for WordPress plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14452 (The WP Customer Reviews plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14445 (The Image Hotspot by DevVN plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14427 (The Shield Security: Blocks Bots, Protects Users, and Prevents
Securit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14357 (The Mega Store Woocommerce theme for WordPress is vulnerable
to unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14342 (The SEO Plugin by Squirrly SEO plugin for WordPress is
vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14294 (The Razorpay for WooCommerce plugin for WordPress is
vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14270 (The OneClick Chat to Order plugin for WordPress is vulnerable
to autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14167 (The Remove Post Type Slug plugin for WordPress is vulnerable
to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14076 (The iXML \u2013 Google XML sitemap generator plugin for
WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13930 (The Checkout Field Manager (Checkout Manager) for WooCommerce
plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13864 (The Breeze - WordPress Cache Plugin plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13851 (The Buyent Classified plugin for WordPress (bundled with
Buyent theme) ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13842 (The Breadcrumb NavXT plugin for WordPress is vulnerable to
authorizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13738 (The Easy Table of Contents plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13732 (The s2Member \u2013 Excellent for All Kinds of Memberships,
Content Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13617 (The Apollo13 Framework Extensions plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13612 (The Album and Image Gallery plus Lightbox plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13603 (The WP AUDIO GALLERY plugin for WordPress is vulnerable to
Unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13587 (The Two Factor (2FA) Authentication via Email plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13563 (The Lizza LMS Pro plugin for WordPress is vulnerable to
Privilege Esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13438 (The Page Title, Description & Open Graph Updater plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13413 (The Country Blocker for AdSense plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13113 (The Web Accessibility by accessiBe plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13091 (The Shopire theme for WordPress is vulnerable to unauthorized
modifica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13079 (The Popup Builder \u2013 Create highly converting, mobile
friendly mar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13048 (The StatCounter \u2013 Free Real Time Visitor Stats plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12975 (The CTX Feed \u2013 WooCommerce Product Feed Manager plugin
for WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12884 (The Advanced Ads \u2013 Ad Manager & AdSense plugin for
WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12882 (The Clasifico Listing plugin for WordPress is vulnerable to
privilege ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12845 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms,
CF7, Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12821 (The NewsBlogger theme for WordPress is vulnerable to
Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12812 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-12811 (Improper Inconsistent Interpretation of HTTP Requests ('HTTP
Request S ...)
TODO: check
CVE-2025-12707 (The Library Management System plugin for WordPress is
vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12500 (The Checkout Field Manager (Checkout Manager) for WooCommerce
plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12451 (The Easy SVG Support plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12448 (The Smartsupp \u2013 live chat, AI shopping assistant and
chatbots plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12375 (The Printful Integration for WooCommerce plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12172 (The Mailchimp List Subscribe Form plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12117 (The Renden theme for WordPress is vulnerable to Stored
Cross-Site Scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12116 (The Drift theme for WordPress is vulnerable to Stored
Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12081 (The ACF Photo Gallery Field plugin for WordPress is vulnerable
to unau ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12027 (The Mesmerize Companion plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11754 (The GDPR Cookie Consent plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11725 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11706 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2019-25401 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH
printer conta ...)
TODO: check
CVE-2019-25400 (IPFire 2.21 Core Update 127 contains multiple reflected
cross-site scr ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c8c340684023d38ce1bd14dc09fe7028eeb077
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c8c340684023d38ce1bd14dc09fe7028eeb077
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
